-
Notifications
You must be signed in to change notification settings - Fork 557
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Questionable package name validation #11800
Comments
From @cpansproutThis is apparently a valid package name: $ perl -le 'q"_#@*$!@*^("->can(can); print -ok' But this is not: $ perl -le 'q"#@*$!@*^(_"->can(can); print -ok' That also means that main::foo is not always equivalent to ::foo: $ perl -le 'main::foo->can(can); print -ok' If we could eliminate that check, it would allow for far more possibilities with UNIVERSAL methods--a bit like autobox. I think this is a pity: $ ./perl -Ilib -le' print foo->CORE::uc' Also, the Unicode Bug affects class method calls. Fixing the above (which would fix this too) is easier than fixing just this: $ ./perl -Ilib -Mutf8 -le '$p = "þackage"; $p->can(can)' $ ./perl -Ilib -Mutf8 -le '$p = "þackage"; utf8::downgrade $p; $p->can(can)' It doesn’t even work when the package exists. And to drive the point home: $ perl -e 'sub foo { warn $::Moose::VERSION } use Moose' Flags: Site configuration information for perl 5.15.4: Configured by sprout at Wed Nov 2 09:06:14 PDT 2011. Summary of my perl5 (revision 5 version 15 subversion 4) configuration: Locally applied patches: @INC for perl 5.15.4: Environment for perl 5.15.4: |
From @ikegamiOn Sun, Dec 11, 2011 at 4:35 PM, Father Chrysostomos <
And feature unicode_strings doesn't help. |
The RT System itself - Status changed from 'new' to 'open' |
From @HugmeirOn Tue, Dec 13, 2011 at 5:48 PM, Eric Brine <ikegami@adaelis.com> wrote:
Whoops, that was me. Fixing this is one line in pp_hot.c (patch attached), A valid class name, as far as the left side of -> is concerned, is either The IO part is the real kicker though: You can make *anything* a valid |
From @Hugmeir0001-pp_hot.c-First-letter-of-latin-1-classnames-wasn-t.patchFrom a9ad2aee8acc54e97fdd09e75ae9390b5b2807b2 Mon Sep 17 00:00:00 2001
From: Brian Fraser <fraserbn@gmail.com>
Date: Tue, 13 Dec 2011 19:32:48 -0300
Subject: [PATCH] pp_hot.c: First letter of latin-1 classnames wasn't being checked correctly.
Previously the first letter for latin-1 classnames was being mischecked, only
allowing ASCII, which caused an instance of the Unicode Bug for downgradable
classnames.
---
pp_hot.c | 2 +-
t/uni/package.t | 19 ++++++++++++++++++-
2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/pp_hot.c b/pp_hot.c
index 70eb5a1..a2d6f91 100644
--- a/pp_hot.c
+++ b/pp_hot.c
@@ -2973,7 +2973,7 @@ S_method_common(pTHX_ SV* meth, U32* hashp)
if (!packname ||
((UTF8_IS_START(*packname) && DO_UTF8(sv))
? !isIDFIRST_utf8((U8*)packname)
- : !isIDFIRST(*packname)
+ : !isIDFIRST_L1((U8)*packname)
))
{
Perl_croak(aTHX_ "Can't call method \"%"SVf"\" %s",
diff --git a/t/uni/package.t b/t/uni/package.t
index 317ddd4..bb9092b 100644
--- a/t/uni/package.t
+++ b/t/uni/package.t
@@ -6,7 +6,7 @@ BEGIN {
require './test.pl';
}
-plan (tests => 16);
+plan (tests => 18);
use utf8;
use open qw( :utf8 :std );
@@ -92,3 +92,20 @@ ok 1, "sanity check. If we got this far, UTF-8 in package names is legal.";
eval q[package ��� {];
like $@, qr/\AMissing right curly /, "comp/package_block.t test";
}
+
+# perl #105922
+
+{
+ my $latin_1 = "��ackage";
+ my $utf8 = "��ackage";
+ utf8::downgrade($latin_1);
+ utf8::upgrade($utf8);
+
+ local $@;
+ eval { $latin_1->can("yadda") };
+ ok(!$@, "latin1->meth works");
+
+ local $@;
+ eval { $utf8->can("yadda") };
+ ok(!$@, "utf8->meth works");
+}
--
1.5.6.3
|
From tchrist@perl.com
Oh darn it. I had convinced myself that Perl identifiers could And which ones can start with \p{Nd} is also anything but clear. Not clear, not clean. --tom |
From @HugmeirOn Tue, Dec 13, 2011 at 8:12 PM, Tom Christiansen <tchrist@perl.com> wrote:
That's rightish too. But do note that I said class names on the left side |
From @cpansproutOn Tue Dec 13 14:58:38 2011, Hugmeir wrote:
That’s not a class method call. That’s an IO method. $ perl -E 'open q<#@*$!@*^(_>, ">", undef; q<#@*$!@*^(_>->oeunt' And 5.9.5 had a bug making constants turn into IOs: perl5.9.5 -Mconstant=Just,0 -le 'sub :-) -- Father Chrysostomos |
From @cpansproutOn Tue Dec 13 14:58:38 2011, Hugmeir wrote:
Thank you. Applied as d47f310. -- Father Chrysostomos |
@cpansprout - Status changed from 'open' to 'resolved' |
@cpansprout - Status changed from 'resolved' to 'open' |
From @doySo is the way to move forward here to just make any string valid on the -doy |
From @cpansproutOn Tue Jul 03 14:04:57 2012, doy wrote:
Yes, I think so. It’s on my to-do list, but my to-do list is *long*. :-) In other words, I would be happy for someone to get to this before I do. -- Father Chrysostomos |
From [Unknown Contact. See original ticket]On Tue Jul 03 14:04:57 2012, doy wrote:
Yes, I think so. It’s on my to-do list, but my to-do list is *long*. :-) In other words, I would be happy for someone to get to this before I do. -- Father Chrysostomos |
From @rjbsOn Tue Jul 03 14:04:57 2012, doy wrote:
Yes. |
From @cpansproutOn Wed Jul 04 05:46:31 2012, rjbs wrote:
Test::More fails its tests with the attachment, because it’s doing this: elsif( $error =~ /Can't call method "isa" without a package/ ) { but "anything"->isa("Wibble") will simply return false now, instead of That means Test::More::isa_ok may output: # Failed test 'My Wibble isa Wibble' instead of what its tests are checking for: # Failed test 'My Wibble isa Wibble' (That ‘it's a ''’ is another bug, reported as #78204.) I think Test::More’s tests will need a little bit of adjustment. -- Father Chrysostomos |
From @cpansproutFrom 8eff703c953b1daece21d3ef7bda95618fac1a0a Mon Sep 17 00:00:00 2001 The rules for filtering out what do not look like package names are This commit simply lets any non-empty string be used as a package I made an exception for the empty string because it messes up caches Inline Patchdiff --git a/pp_hot.c b/pp_hot.c
index 77b707c..6366aee 100644
--- a/pp_hot.c
+++ b/pp_hot.c
@@ -2960,12 +2960,14 @@ S_method_common(pTHX_ SV* meth, U32* hashp)
PERL_ARGS_ASSERT_METHOD_COMMON;
if (!sv)
+ undefined:
Perl_croak(aTHX_ "Can't call method \"%"SVf"\" on an undefined value",
SVfARG(meth));
SvGETMAGIC(sv);
if (SvROK(sv))
ob = MUTABLE_SV(SvRV(sv));
+ else if (!SvOK(sv)) goto undefined;
else {
GV* iogv;
STRLEN packlen;
@@ -2994,17 +2996,11 @@ S_method_common(pTHX_ SV* meth, U32* hashp)
!(ob=MUTABLE_SV(GvIO(iogv))))
{
/* this isn't the name of a filehandle either */
- if (!packname ||
- ((UTF8_IS_START(*packname) && DO_UTF8(sv))
- ? !isIDFIRST_utf8((U8*)packname)
- : !isIDFIRST_L1((U8)*packname)
- ))
+ if (!packname || !packlen)
{
- /* diag_listed_as: Can't call method "%s" without a package or object reference */
- Perl_croak(aTHX_ "Can't call method \"%"SVf"\" %s",
- SVfARG(meth),
- SvOK(sv) ? "without a package or object reference"
- : "on an undefined value");
+ Perl_croak(aTHX_ "Can't call method \"%"SVf"\" "
+ "without a package or object reference",
+ SVfARG(meth));
}
/* assume it's a package name */
stash = gv_stashpvn(packname, packlen, packname_is_utf8 ? SVf_UTF8 : 0);
diff --git a/t/op/method.t b/t/op/method.t
index 09f6ee3..8f6bfb8 100644
--- a/t/op/method.t
+++ b/t/op/method.t
@@ -13,7 +13,7 @@ BEGIN {
use strict;
no warnings 'once';
-plan(tests => 98);
+plan(tests => 103);
@A::ISA = 'B';
@B::ISA = 'C';
@@ -417,3 +417,15 @@ eval { () = undef; new {} };
like $@,
qr/^Can't call method "new" without a package or object reference/,
'Err msg from new{} when stack contains undef';
+
+sub flomp { "flimp" }
+sub main::::flomp { "flump" }
+is "::"->flomp, 'flump', 'method call on ::';
+is "::main"->flomp, 'flimp', 'method call on ::main';
+eval { ""->flomp };
+like $@,
+ qr/^Can't call method "flomp" without a package or object reference/,
+ 'method call on empty string';
+is "3foo"->CORE::uc, '3FOO', '"3foo"->CORE::uc';
+{ no strict; @{"3foo::ISA"} = "CORE"; }
+is "3foo"->uc, '3FOO', '"3foo"->uc (autobox style!)';
diff --git a/t/run/fresh_perl.t b/t/run/fresh_perl.t
index cd5899a..376ceaf 100644
--- a/t/run/fresh_perl.t
+++ b/t/run/fresh_perl.t
@@ -81,7 +81,7 @@ $array[128]=1
########
$x=0x0eabcd; print $x->ref;
EXPECT
-Can't call method "ref" without a package or object reference at - line 1.
+Can't locate object method "ref" via package "961485" (perhaps you forgot to load "961485"?) at - line 1.
########
chop ($str .= <DATA>);
######## |
From [Unknown Contact. See original ticket]On Wed Jul 04 05:46:31 2012, rjbs wrote:
Test::More fails its tests with the attachment, because it’s doing this: elsif( $error =~ /Can't call method "isa" without a package/ ) { but "anything"->isa("Wibble") will simply return false now, instead of That means Test::More::isa_ok may output: # Failed test 'My Wibble isa Wibble' instead of what its tests are checking for: # Failed test 'My Wibble isa Wibble' (That ‘it's a ''’ is another bug, reported as #78204.) I think Test::More’s tests will need a little bit of adjustment. -- Father Chrysostomos |
From @cpansproutOn Wed Jul 04 12:36:34 2012, sprout wrote:
which is also on the sprout/package-names-113974 branch. -- Father Chrysostomos |
From [Unknown Contact. See original ticket]On Wed Jul 04 12:36:34 2012, sprout wrote:
which is also on the sprout/package-names-113974 branch. -- Father Chrysostomos |
From @rjbs* Father Chrysostomos via RT <perlbug-comment@perl.org> [2012-07-04T15:36:35]
I think so, too. Schwern, what say you? -- |
From @schwern-----BEGIN PGP SIGNED MESSAGE----- On 2012.7.5 7:53 PM, Ricardo Signes wrote:
I have no objection. - -- iEYEARECAAYFAk/2WrgACgkQWMohlhD1QyfosgCfQRSIoGkdAK7JGRJre4eKalZY |
From @cpansproutFixed in 7156e69. Father Chrysostomos |
From [Unknown Contact. See original ticket]Fixed in 7156e69. Father Chrysostomos |
@cpansprout - Status changed from 'open' to 'resolved' |
Migrated from rt.perl.org#105922 (status was 'resolved')
Searchable as RT105922$
The text was updated successfully, but these errors were encountered: